You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
166 lines
5.3 KiB
166 lines
5.3 KiB
#!/usr/bin/env python
|
|
'''
|
|
Copyright (C) 2020, WAFW00F Developers.
|
|
See the LICENSE file for copying permission.
|
|
'''
|
|
|
|
# NOTE: this priority list is used so that each check can be prioritized,
|
|
# so that the quick checks are done first and ones that require more
|
|
# requests, are done later
|
|
|
|
|
|
wafdetectionsprio = [
|
|
'ACE XML Gateway (Cisco)',
|
|
'aeSecure (aeSecure)',
|
|
'AireeCDN (Airee)',
|
|
'Airlock (Phion/Ergon)',
|
|
'Alert Logic (Alert Logic)',
|
|
'AliYunDun (Alibaba Cloud Computing)',
|
|
'Anquanbao (Anquanbao)',
|
|
'AnYu (AnYu Technologies)',
|
|
'Approach (Approach)',
|
|
'AppWall (Radware)',
|
|
'Armor Defense (Armor)',
|
|
'ArvanCloud (ArvanCloud)',
|
|
'ASP.NET Generic (Microsoft)',
|
|
'ASPA Firewall (ASPA Engineering Co.)',
|
|
'Astra (Czar Securities)',
|
|
'AWS Elastic Load Balancer (Amazon)',
|
|
'AzionCDN (AzionCDN)',
|
|
'Azure Front Door (Microsoft)',
|
|
'Barikode (Ethic Ninja)',
|
|
'Barracuda (Barracuda Networks)',
|
|
'Bekchy (Faydata Technologies Inc.)',
|
|
'Beluga CDN (Beluga)',
|
|
'BIG-IP Local Traffic Manager (F5 Networks)',
|
|
'BinarySec (BinarySec)',
|
|
'BitNinja (BitNinja)',
|
|
'BlockDoS (BlockDoS)',
|
|
'Bluedon (Bluedon IST)',
|
|
'BulletProof Security Pro (AITpro Security)',
|
|
'CacheWall (Varnish)',
|
|
'CacheFly CDN (CacheFly)',
|
|
'Comodo cWatch (Comodo CyberSecurity)',
|
|
'CdnNS Application Gateway (CdnNs/WdidcNet)',
|
|
'ChinaCache Load Balancer (ChinaCache)',
|
|
'Chuang Yu Shield (Yunaq)',
|
|
'Cloudbric (Penta Security)',
|
|
'Cloudflare (Cloudflare Inc.)',
|
|
'Cloudfloor (Cloudfloor DNS)',
|
|
'Cloudfront (Amazon)',
|
|
'CrawlProtect (Jean-Denis Brun)',
|
|
'DataPower (IBM)',
|
|
'DenyALL (Rohde & Schwarz CyberSecurity)',
|
|
'Distil (Distil Networks)',
|
|
'DOSarrest (DOSarrest Internet Security)',
|
|
'DotDefender (Applicure Technologies)',
|
|
'DynamicWeb Injection Check (DynamicWeb)',
|
|
'Edgecast (Verizon Digital Media)',
|
|
'Eisoo Cloud Firewall (Eisoo)',
|
|
'Expression Engine (EllisLab)',
|
|
'BIG-IP AppSec Manager (F5 Networks)',
|
|
'BIG-IP AP Manager (F5 Networks)',
|
|
'Fastly (Fastly CDN)',
|
|
'FirePass (F5 Networks)',
|
|
'FortiWeb (Fortinet)',
|
|
'GoDaddy Website Protection (GoDaddy)',
|
|
'Greywizard (Grey Wizard)',
|
|
'Huawei Cloud Firewall (Huawei)',
|
|
'HyperGuard (Art of Defense)',
|
|
'Imunify360 (CloudLinux)',
|
|
'Incapsula (Imperva Inc.)',
|
|
'IndusGuard (Indusface)',
|
|
'Instart DX (Instart Logic)',
|
|
'ISA Server (Microsoft)',
|
|
'Janusec Application Gateway (Janusec)',
|
|
'Jiasule (Jiasule)',
|
|
'Kona SiteDefender (Akamai)',
|
|
'KS-WAF (KnownSec)',
|
|
'KeyCDN (KeyCDN)',
|
|
'LimeLight CDN (LimeLight)',
|
|
'LiteSpeed (LiteSpeed Technologies)',
|
|
'Open-Resty Lua Nginx (FLOSS)',
|
|
'Oracle Cloud (Oracle)',
|
|
'Malcare (Inactiv)',
|
|
'MaxCDN (MaxCDN)',
|
|
'Mission Control Shield (Mission Control)',
|
|
'ModSecurity (SpiderLabs)',
|
|
'NAXSI (NBS Systems)',
|
|
'Nemesida (PentestIt)',
|
|
'NevisProxy (AdNovum)',
|
|
'NetContinuum (Barracuda Networks)',
|
|
'NetScaler AppFirewall (Citrix Systems)',
|
|
'Newdefend (NewDefend)',
|
|
'NexusGuard Firewall (NexusGuard)',
|
|
'NinjaFirewall (NinTechNet)',
|
|
'NullDDoS Protection (NullDDoS)',
|
|
'NSFocus (NSFocus Global Inc.)',
|
|
'OnMessage Shield (BlackBaud)',
|
|
'Palo Alto Next Gen Firewall (Palo Alto Networks)',
|
|
'PerimeterX (PerimeterX)',
|
|
'PentaWAF (Global Network Services)',
|
|
'pkSecurity IDS (pkSec)',
|
|
'PT Application Firewall (Positive Technologies)',
|
|
'PowerCDN (PowerCDN)',
|
|
'Profense (ArmorLogic)',
|
|
'Puhui (Puhui)',
|
|
'Qcloud (Tencent Cloud)',
|
|
'Qiniu (Qiniu CDN)',
|
|
'Reblaze (Reblaze)',
|
|
'RSFirewall (RSJoomla!)',
|
|
'RequestValidationMode (Microsoft)',
|
|
'Sabre Firewall (Sabre)',
|
|
'Safe3 Web Firewall (Safe3)',
|
|
'Safedog (SafeDog)',
|
|
'Safeline (Chaitin Tech.)',
|
|
'SecKing (SecKing)',
|
|
'eEye SecureIIS (BeyondTrust)',
|
|
'SecuPress WP Security (SecuPress)',
|
|
'SecureSphere (Imperva Inc.)',
|
|
'Secure Entry (United Security Providers)',
|
|
'SEnginx (Neusoft)',
|
|
'ServerDefender VP (Port80 Software)',
|
|
'Shield Security (One Dollar Plugin)',
|
|
'Shadow Daemon (Zecure)',
|
|
'SiteGround (SiteGround)',
|
|
'SiteGuard (Sakura Inc.)',
|
|
'Sitelock (TrueShield)',
|
|
'SonicWall (Dell)',
|
|
'UTM Web Protection (Sophos)',
|
|
'Squarespace (Squarespace)',
|
|
'SquidProxy IDS (SquidProxy)',
|
|
'StackPath (StackPath)',
|
|
'Sucuri CloudProxy (Sucuri Inc.)',
|
|
'Tencent Cloud Firewall (Tencent Technologies)',
|
|
'Teros (Citrix Systems)',
|
|
'Trafficshield (F5 Networks)',
|
|
'TransIP Web Firewall (TransIP)',
|
|
'URLMaster SecurityCheck (iFinity/DotNetNuke)',
|
|
'URLScan (Microsoft)',
|
|
'UEWaf (UCloud)',
|
|
'Varnish (OWASP)',
|
|
'Viettel (Cloudrity)',
|
|
'VirusDie (VirusDie LLC)',
|
|
'Wallarm (Wallarm Inc.)',
|
|
'WatchGuard (WatchGuard Technologies)',
|
|
'WebARX (WebARX Security Solutions)',
|
|
'WebKnight (AQTRONIX)',
|
|
'WebLand (WebLand)',
|
|
'RayWAF (WebRay Solutions)',
|
|
'WebSEAL (IBM)',
|
|
'WebTotem (WebTotem)',
|
|
'West263 CDN (West263CDN)',
|
|
'Wordfence (Defiant)',
|
|
'WP Cerber Security (Cerber Tech)',
|
|
'WTS-WAF (WTS)',
|
|
'360WangZhanBao (360 Technologies)',
|
|
'XLabs Security WAF (XLabs)',
|
|
'Xuanwudun (Xuanwudun)',
|
|
'Yundun (Yundun)',
|
|
'Yunsuo (Yunsuo)',
|
|
'Yunjiasu (Baidu Cloud Computing)',
|
|
'YXLink (YxLink Technologies)',
|
|
'Zenedge (Zenedge)',
|
|
'ZScaler (Accenture)'
|
|
]
|